Joomla 1.5.12 Remote Code Execution Exploit

A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.
Exploit type: 
Vulnerabilty ID: 
NOCVE-9999-39524
Product Version: 
9.0
Released Date: 
Monday, August 31, 2009 - 00:00